Hi Steve,
On Tuesday 30 May 2006 10:36, Steven Longenbohn wrote:
> I usually download the full SCS CD and do an install
from there.
> In that instance, should the MP1 and PP1 also be
installed after the
> product on the CD is used to upgrade the client (I
presume this would be
> so).
If you are installing via the CD directly (not using the SCS
admin tools to
push out clients), then it would be equivalent to the
process I outlined in
my previous note. If you want to use the SCS admin tools,
however, you
should get the complete patch directly from the Symantec
site:
http://www.symantec.c
om/techsupp/enterprise/products/sym_client_security/scs_3.1/
files.html
since that ZIP archive contains the additional file
(VPREMOTE.DAT) needed
for use with the Client Remote tool as outlined in the
installation
instructions on the Symantec web above.
For most folks using an unmanaged SCS client, running the
patches directly
as mentioned earlier is the simplest upgrade path.
--Karl
=======
> At 10:06 AM 5/30/2006, you wrote:
> >Hi Cheryl,
> >
> >On Tuesday 30 May 2006 09:21, Cheryl Olson wrote:
> > > patch for this exploit. Unfortunately,
according to their website
> > > for the SCS 3.02 patch
> > > (http://www.symantec.com/techsupp/enterprise/
products/sym_client_secu
> > >rity /scs_3/files.html), a patch isn't being
released for licensed
> > > versions of
> >
> >The patches are specific to the Maintenance Release
(MR) and Maintenance
> >Patch (MP) level for SCS that you are running. The
versions for
> > unlicensed SCS should all work for our
campus-supported versions of
> > SCS.
> >
> > > 3.02 and they're suggesting we upgrade to
3.1 which is only available
> > > as an early adopter on the campus software
website. I'm assuming our
> >
> >We intend to make 3.1 the current version very
shortly unless we hear
> > any reports of issues with this release (none so
far). So, unless you
> > have a pressing reason to stay with the older
version, I would
> > recommend that you consider going this route:
> >
> > 1) update to SCS 3.1
> > 2) apply the MP1 for 3.1
> > 3) apply the PP1 for SCS 3.1 MP1
> >
> >You can find all of these three installers here:
> >
> > http://wssg.berkeley.edu/public/test/scs3-fortesting/
> >
> >(first three downloads) temporarily until they are
migrated to the main
> >Software site.
> >
> >--Karl
> >
> >Karl Grose
> >IST
> >
> >=======
> >
> > > software is licensed. Has anyone found a
work-around to this or
> > > tried to install the patch for the unlicensed
version?
> > >
> > > <<<:>>>
> > >
> > > At 10:58 AM 5/26/2006, Allison Henry wrote:
> > > >As you may be aware, a vulnerability was
recently reported in
> > > > Symantec Anti-virus desktop software
that if, exploited, could
> > > > allow an attacker to execute malicious
code with SYSTEM level
> > > > access (see information below). The
version of Symantec Anti-virus
> > > > available on
> > > >http://software.berkeley
.edu, and included in the C B CD, is
> > > > vulnerable to this exploit. SNS is aware
of the vulnerability and
> > > > is working on solutions to help mitigate
the threat.
> > > >
> > > >Please be aware that this vulnerability
has been reported to
> > > > Symantec by a security research group,
and no exploits of this
> > > > vulnerability have been released at this
time. Symantec will be
> > > > releasing an update shortly, so to
prepare make sure your
> > > > LiveUpdate software is working properly
so you can receive updates
> > > > when they become available. When an
update is released or we get
> > > > any new information on this issue, we
will update the appropriate
> > > > mailing lists.
> > > >
> > > >
> > > >For more information:
> > > >
> > > >http://www.cnn.com/2006/TECH/internet/05/25/
antivirus.flaw.ap/index.
> > > >html
> > > >
> > > >and
> > > >
> > > >
http://eeye.com/html/research/upcoming/20060524.html
> > > >
> > > >Upcoming Advisories
> > > >
> > > >Date Reported:
> > > >May 24, 2006
> > > >
> > > >Vendor:
> > > >Symantec
> > > >
> > > >Description:
> > > >A remotely exploitable vulnerability
exists within the Symantec
> > > >Antivirus program. This flaw does not
require any end user
> > > > interaction for exploitation and can
compromise affected systems,
> > > > allowing for the execution of malicious
code with SYSTEM level
> > > > access.
> > > >
> > > >Severity:
> > > >High (Remote Code Execution)
> > > >
> > > >Remote Code Execution:
> > > >Yes
> > > >
> > > >Software Affected:
> > > >Symantec Antivirus 10.x
> > > >Symantec Client Security 3.x
> > > >(Other Symantec Antivirus products are
also potentially affected,
> > > >waiting for vendor list)
> > > >
> > > >Status:
> > > >Initial report stage
------------------------------------------------------------
------------
The following was automatically added to this message by the
list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.be
rkeley.edu/>.
|